News
The vulnerability landscape in Q1 2026
52+ min ago (927+ words) During Q1 2026, the exploit kits leveraged by threat actors to target user systems expanded once again, incorporating new exploits for the Microsoft Office platform, as well as Windows and Linux operating systems. In this report, we dive into the statistics on…
OceanLotus suspected of distributing Zi Chat Bot malware via wheel packages in PyPI
21+ hour, 52+ min ago (1105+ words) To conceal the malicious package containing Zi Chat Bot, the attacker created another benign-looking package that included the malicious package as a dependency. Based on these facts, we confirm that this campaign is a carefully planned and executed PyPI…
Popular DAEMON Tools software compromised
2+ day, 1+ hour ago (882+ words) posted 05 May 2026 UPD 5/5/26: added detection rules and examples by KEDR Expert. Kaspersky solutions protect its users from the malicious payloads deployed through the DAEMON Tools supply chain attack. Our analysis revealed that for DAEMON Tools versions from 12.5.0.2421 to 12.5.0.2434, attackers have…
Phishing campaigns and BEC attacks through Amazon SES
3+ day, 53+ min ago (407+ words) Amazon Simple Email Service (Amazon SES) is a cloud-based email platform designed for highly reliable transactional and marketing message delivery. It integrates seamlessly with other products in Amazon's cloud ecosystem, AWS. In early 2026, one of the most common themes in…
Copy Fail: root on virtually any Linux
6+ day, 15+ hour ago (697+ words) posted 30 Apr 2026 A working exploit written in Python (later released in other programming languages as well) consists of about ten lines of code and uses standard system calls that are indistinguishable from normal system activity. We explain what the CVE…
Lotus Wiper: a new threat targeting the energy and utilities sector
2+ week, 2+ day ago (1100+ words) posted 21 Apr 2026 In light of geopolitical tensions that occurred in the Caribbean region in late 2025 and early 2026, artifacts associated with the attack chain of a destructive wiping campaign targeting the energy and utilities sector in Venezuela were identified on a…
Fake Wallet crypto stealer spreading through iOS apps in the App Store
2+ week, 3+ day ago (760+ words) App Store search results for "Ledger Wallet" (formerly Ledger Live) In some instances, the app names and icons had absolutely nothing to do with cryptocurrency. However, the promotional banners for these apps claimed that the official wallet was "unavailable in…
Kaspersky financial threat report 2025
4+ week, 1+ day ago (1625+ words) In 2025, the financial cyberthreat landscape continued to evolve. While traditional PC banking malware declined in relative prevalence, this shift was offset by the rapid growth of credential theft by infostealers. Attackers increasingly relied on aggregation and reuse of stolen data,…
An AI gateway designed to steal your data
1+ mon, 1+ week ago (500+ words) Both versions of the library contained the same malicious code, but its execution was implemented differently. In version 1.82.7, it was executed only when the proxy functionality was imported, while in 1.82.8, a .pth file was added that was able to execute…
Coruna framework: an exploit kit and ties to Operation Triangulation
1+ mon, 1+ week ago (683+ words) During our analysis, we discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 vulnerabilities used in Coruna, in fact, is an updated version of the same exploit that had been used in Operation Triangulation. The images below illustrate a high-level…